Melapress arranges the WordPress security survey every year. The recent survey helps us determine the actual condition of WordPress security in 2024. It ran the study in two different ways – one in-person at WordCamp Europe and another online. Let’s see what insights we have got.
Starting with Two Factor Authentication, which is the most popular security measure recommended by Google & Microsoft. Though it boosts security, many users don’t apply 2FA. The result showed that 42% of those concerned about regulatory compliance install 2FA but 58% don’t.
Another important finding is, that WordPress security plugins decrease the risk inexpensively. For security, the majority of users are using free and premium plugins. A small number of people use a mixture of plugins and services while a moderate portion don’t use anything. Melapress described that:
“Plugins remain the most popular for securing WordPress websites, with 75% using a mixture of free and premium plugins to keep their websites secure. A further 5% use a mixture of plugins and services, while 15% use nothing at all.”
Another significant note is teamwork does play a significant role in security approaches. Most team members use best security practices, though 21% do not use them at all. Training team members on security best practices increases the likelihood of better security.
This survey showed that 22% have a breach recovery plan and are doing security in-home. And those who don’t train team members, hire an agency. This can be seen in the fact that respondents who do not train employees and outsource to an agency are 13.17% more likely to experience a breach, Melapress mentioned.
An interesting thing happened in the security breaches report. It seems that 32.8% of those who faced a minimum of one breach don’t have any recovery plan yet. This ratio has increased to 47.2% of those who haven’t experienced it yet.
Leave a Reply